Many businesses across the country don’t think twice about allowing staff members to take corporate computers, laptops, tablets and other computing devices home with them, but there is a risk to having company computers in the homes of your staff.
The latest lesson learned comes from a hospital in southwest Indiana who recently reporting a HIPAA breach of over 29,000 patient records simply because an employee had a hospital laptop stolen from their home.
According to a company statement, an unencrypted laptop containing the personal health information of patients was stolen from one of their employee’s homes on Nov 27, 2012. Patient names, addresses, social security numbers and/or clinical treatment data were stored on this company laptop.
President & CEO of Gibson General Hospital, Emmett Schuster said “There is no evidence to believe that the data on the laptop was the target of the theft or that any information has been or will be accessed for fraudulent purposes.” Schuster commented that protecting the information of their patients is top priority for Gibson General Hospital.
Protecting your corporate information must be a priority no matter how important it is or if you have requirements under HIPAA that you must meet.
How often do you review your policies and procedures when it comes to safeguarding corporate resources and your data? Have you tested your business continuity and disaster recovery plan? Do you have systems in place to encrypt sensitive business data if a corporate asset is stolen or goes missing?
Shuster will be reviewing all policies and procedures with Gibson General Hospital and so should you. Contact us today to book a no obligation review of your IT safeguards, data protection systems and your IT security infrastructure.
